Cloudflare
Coverage of Cloudflare in the Nexus archive.
- Cloudflare puts prices on AI scraping
Cloudflare has introduced a bot paywall system allowing customers to charge AI models for scraping their content. The system enables content owners to set minimum prices and AI crawlers to bid, creating a two-sided marketplace. Stephanie Cohen, Cloudflare's chief strategy officer, highlighted the shift toward monetizing internet interactions as AI activity grows.
- A week in security (June 29 – July 5)
The article highlights multiple security threats, including malware spread through verified ads on Mac systems, the ConsentFix malware stealing Microsoft accounts, and vulnerabilities in Apple's Hide My Email feature. It also covers fake Google and Cloudflare verification pages distributing malware, a critical WinRAR flaw, a deceptive Perplexity Chrome extension, and security updates from Apple for iOS, MacOS, and Safari.
- Cloudflare will filter out web crawlers that serve AI companies
Cloudflare will filter web crawlers used by AI companies to give websites more control over how their content is utilized by these firms.
- Cloudflare to block cynical search-and-scrape bots from ad-supported web pages
Cloudflare will block mixed-use crawlers from ad-supported websites by default starting September 15, 2026, affecting Apple, Google, and Microsoft's Bing crawlers. The move aims to give publishers control over AI data harvesting, as these crawlers combine search indexing and content scraping for AI training.
- In the AI era, be a builder or a seller, not a measurer
Cloudflare reduced its workforce by 20% but increased engineering hires by 45%, reflecting CEO Matthew Prince's view that AI is reshaping job value in tech companies. Prince categorizes roles into builders (engineers), sellers, and measurers (managers, finance, operations), noting AI is displacing measurers while boosting demand for builders and sellers.
- It's looking like a hot, messy summer for security teams as AI finds countless previously hidden vulns
A coalition led by Chainguard, including companies like BNY, Cisco, and Cloudflare, is using AI to identify and patch vulnerabilities in open-source code. The group, Athena, has already processed 20,000 findings and developed 2,000 patches across 500 projects, warning of a 'messy summer' due to the scale of undiscovered flaws.
- Cloudflare – China Digital Times and the Fight Against Censorship
Cloudflare collaborates with China Digital Times to combat censorship. The partnership focuses on technological efforts to circumvent digital restrictions.
- Cloudflare – 2026 Cloudflare report on cyberattacks against civil society
Cloudflare released a 2026 report detailing cyberattacks targeting civil society. The report focuses on security threats faced by organizations and individuals involved in civil society activities.
- Need a second opinion on a weird Discord interaction (Odd Minecraft server request + domain flags)
A user received a suspicious Discord friend request from the Wuthering Waves Official Discord, leading to a voice call with a person claiming to be German but speaking Turkish with unnatural vocal glitches. The individual requested feedback on a Minecraft server link with a newly registered domain (May 5, 2026) and defensively dismissed concerns about its legitimacy.
- Cloudflare launched self-managed OAuth for all
Cloudflare has launched self-managed OAuth for all users, expanding access to its authentication service. The feature allows developers to manage OAuth workflows independently.
- [GR] Fake Cloudflare Human Verification Scam (me3k.trappopbuttonrightnow.monster) - Executed PowerShell Script
A user was redirected to a fake Cloudflare Human Verification page that tricked them into executing a PowerShell script. The script downloaded and ran code from a suspicious domain, prompting the user to disconnect their PC from the internet and run malware scans, which found no threats.
- Vail Resorts taps bankers to play defense
Vail Resorts is consulting takeover-defense bankers to assess vulnerabilities amid pressure from labor groups, billionaire Matthew Prince, and natural challenges. Rob Katz, reappointed as CEO, is addressing customer complaints and Prince's $500 million offer for Park City Mountain Resort, while the company faces labor disputes and a severe winter season.
- This 'anti-bot' startup wants to pay you to interact with brands. Read the pitch deck it used to raise $18.5 million.
EarnOS, a startup that pays users to engage with brands online to combat AI bots, has raised $18.5 million and launched its app Ero. The app verifies human interaction and rewards users with cryptocurrency, partnering with brands like Nike.
- More Big Tech execs are joining the Army Reserve as senior officers
Three tech executives joined the Army Reserve's Detachment 201 as lieutenant colonels to advise on AI, cyber, and modernization. The unit aims to bridge private-sector innovation with military modernization, expanding the Army's collaboration with Big Tech leaders.
- US Army commissions second cohort of tech executives into innovation unit
The US Army commissioned three technology executives into Detachment 201, an innovation unit bridging the commercial sector and military. The unit aims to address modern warfare challenges involving autonomous systems and artificial intelligence.
- Palantir cofounder says CEOs are pretending layoffs are about 'AI productivity' when they're not
Palantir cofounder Joe Lonsdale claims CEOs are misrepresenting layoffs as being driven by 'AI productivity' rather than poor hiring decisions or growth issues. Companies like Cloudflare, Snap, Block, Atlassian, and Coinbase have cited AI in layoff memos, but Lonsdale and others argue the real causes are over-hiring or management failures. Venture capitalists and industry figures such as Marc Andreessen and Sam Altman have supported this view.
- Silicon Valley founders are publicly roasting VCs online. Here are their wildest stories.
Silicon Valley founders are sharing negative experiences with venture capitalists on social media, including stories of investors falling asleep during meetings and making sexist remarks. Examples include Greg Isenberg describing a general partner sleeping through a pitch and Matthew Prince recounting a Sequoia partner dismissing Cloudflare's co-founders.
- Internet traffic from AI agents and other bots now surpasses that of people
Internet traffic from AI agents and other bots now exceeds traffic generated by humans, as reported by a Cloudflare executive. The claim highlights a shift in web traffic dynamics driven by automated systems.
- Cloudflare CEO Is Lying to You About the Bot Traffic Jump
The article accuses Cloudflare's CEO of misleading claims about a surge in bot traffic. It references a Flying Penguin blog post and Hacker News discussion with 64 points and 34 comments.
- US National Security Agency reportedly using Mythos for hacking
The US National Security Agency is reportedly using Anthropic’s Mythos AI model for hacking, despite the model not being publicly released due to its vulnerability exploitation capabilities. The NSA’s offensive use of Mythos contrasts with its intended defensive purpose, while the US government faces a legal battle with Anthropic. AI-led web traffic is rising, with Cloudflare noting most traffic is now AI-driven, and Iran is a hotspot for malicious AI activity.
- Utah’s richest man wants Vail Resorts to sell him the nation’s largest ski area
Matthew Prince, a billionaire and founder of Cloudflare, is urging Vail Resorts to sell Park City Mountain Resort, the largest ski area in the U.S., arguing the company’s stock is undervalued and its management is poor at capital allocation. He advocates for an asset-light franchise model to divest resorts while retaining pass partnerships.
- Bot web traffic has overtaken human web traffic, data shows
Bot web traffic has surpassed human web traffic, according to data from Cloudflare. The report highlights that automated traffic now dominates online activity.
- OpenAI's agent chained decade-old DoS attacks to crash web servers in seconds
OpenAI's Codex agent discovered a new denial-of-service (DoS) attack named HTTP/2 Bomb, which combines two decade-old techniques to crash vulnerable web servers in seconds. The exploit affects default HTTP/2 configurations on servers like nginx, Apache, and Microsoft IIS, with some vendors having released patches while others dispute the findings.
- VoidZero Is Joining Cloudflare
VoidZero is joining Cloudflare. The announcement was made in a blog post and is being discussed on Hacker News with 36 points and 7 comments.
- Bots have now passed human traffic online for the first time
Bots have surpassed human traffic online for the first time, according to data from Cloudflare's radar. The milestone marks a significant shift in internet traffic composition.
- Anthropic expanding access to Project Glasswing
Anthropic is expanding its Project Glasswing program to 150 new organizations across 15 countries, focusing on underrepresented sectors like power, water, and healthcare. The initiative, using its Claude Mythos Preview model, has already identified over 10,000 high- or critical-severity software vulnerabilities. Partners such as Cloudflare and Mozilla reported significant increases in bug discovery rates, but Anthropic emphasizes challenges in addressing these flaws due to human resource limitations.
- FSB Alleges Mass Cyber Spying Involving Global Tech Firms Fastly and Cloudflare
The FSB accused Western intelligence agencies and major tech companies of orchestrating a cyber operation to hack and spy on high-ranking Russian officials' smartphones. The operation allegedly involved global tech firms Fastly and Cloudflare.
- Cloudflare Turnstile requiring fingerprintable WebGL
Cloudflare's Turnstile service is requiring users to enable fingerprintable WebGL, raising privacy concerns. The change involves using WebGL for browser fingerprinting, which can uniquely identify devices.
- The internet is being rebuilt for machines
AI agents are transitioning from experimental stages to production use, prompting companies like AWS and Cloudflare to redesign cloud infrastructure for a future dominated by machine-generated internet traffic rather than human users.
- AI agents get their own phone directory built atop DNS
DNS for AI Discovery (DNS-AID) is an open-source project enabling AI agents to discover each other via DNS, avoiding fragmented configurations. Built on existing infrastructure like SVCB and DNSSEC, it allows agent discovery by name, function, or domain, supported by major DNS providers.
- Iran slowly reconnects to the global internet
Iran's government has begun reconnecting to the global internet after an 88-day outage triggered by a national security policy following attacks from the USA and Israel. Vice-President Mohammad Reza Aref announced the first step toward regulated internet access, with traffic resuming as reported by NetBlocks and Cloudflare. Analysts note Iran's use of a tiered internet system and ongoing content filtering, while the government cited security reasons for past blocks.
- Cloudflare Flagship
Cloudflare has launched a new product called Flagship, which is detailed on their developers' website. The article has generated 26 points and 9 comments on Hacker News, indicating moderate engagement.
- Anthropic: Mythos finds more than 10,000 software flaws in first month
Anthropic's Project Glasswing, using its Mythos AI model, discovered over 10,000 high- or critical-severity software vulnerabilities in its first month, significantly advancing AI-driven cybersecurity. Partners like Cloudflare and Mozilla reported substantial increases in bug detection, though challenges remain in verifying and patching flaws. The model's success highlights a shift in cybersecurity priorities from discovery to remediation.
- Vail Resorts' CEO Rob Katz says he won't hedge the weather on prediction markets
Vail Resorts' CEO Rob Katz avoids hedging weather risks in prediction markets due to the complexity of weather patterns, despite a 15% drop in skier visits and 12% declines in ski-school and dining revenue this winter. The company's reluctance contrasts with CFTC Chairman Michael Selig's advocacy for betting platforms like Kalshi and Polymarket. Meanwhile, Vail faces challenges including declining season passes, a labor strike at Park City, and criticism from Cloudflare CEO Matthew Prince.
- The day my ping took countermeasures
Cloudflare implemented countermeasures to mitigate a ping-based DDoS attack, successfully preventing service disruption by analyzing traffic patterns and deploying rate-limiting techniques. The incident highlighted the importance of adaptive security strategies in defending against evolving cyber threats.
- We need a new AI vocabulary
The article critiques how business leaders and politicians are communicating about AI's job displacement impact, arguing they need more honest and empathetic messaging. It highlights how companies are using different narratives for investors versus employees, and warns that AI will become a major political issue if leaders fail to demonstrate how the technology benefits ordinary Americans.
- AI might cut false positives, but it won’t stop the slop
AI models like Anthropic's Mythos and OpenAI's Daybreak are generating a flood of new vulnerability reports, but many are false positives or lack proof of concept. GitHub is tightening its definition of a complete bug report due to the influx of AI-assisted submissions. Companies are struggling to separate signal from noise in bug reports.
- Anthropic has acquired the dev tools startup used by OpenAI, Google, and Cloudflare
Anthropic has acquired Stainless, a dev tools startup used by major companies. Stainless will wind down its hosted products as part of the acquisition. The deal involves notable companies such as OpenAI, Google, and Cloudflare.
- Project Glasswing: what Mythos showed us
Project Glasswing was showcased by Mythos, with an article available on Cloudflare's blog and a comments section on Hacker News. The project has garnered 25 points and currently has no comments. The article discusses cyber frontier models.
- The Class of 2026 is cooked
The Class of 2026 faces a drastically different job market as AI adoption accelerates, with tech companies laying off thousands and AI agents replacing human roles. Graduates are struggling to find employment, with some applying to hundreds of positions, pursuing unpaid roles, or creating AI projects to attract recruiters. Economists warn of potential 30% unemployment rates for recent graduates as the AI revolution fundamentally reshapes hiring.